[systemd-devel] networkd: IPv6: equivalent of 'default via fe80::1` with policy routing?

TJ systemd at iam.tj
Fri Sep 1 11:46:14 UTC 2023 

I may just be over-thinking this but I have a scenario that I can configure manually but have not been able to figure out how to amend the networkd configuration to match!

# echo "2 starlink" >> /etc/iproute2/rt-tables
# ip -6 rule add from 2001:0DB8:1:1::/64 table starlink priority 100
# ip -6 route add default via fe80::1 dev WAN table starlink

Note: 'via' required to prevent failed neighbour solicitations for external addresses.

The issue is I cannot see how to achieve both 'default' and 'via' in .network
  ROUTE section (when specifying a routing table).
I see recommendations to use `Gateway=::` as an alias for 'default' but that prevents
  setting the next-hop router address explicitly, which results in failure due to neighbour
  solicitation.

Scenario (current):
  IPv6 only local network
  gateway is host using systemd-networkd (systemd 252.12 on Debian 12)
  gateway is directly connected to Starlink terminal (the 'dish') on interface "WAN"
  "WAN" interface has only operated on IPv4 until now (CG-NAT)
  Wireguard IP tunnel to data-center server acting as public gateway
  Wireguard tunnel only carries IPv6
  data-center gateway delegates public IPv6 prefix to local gateway
  local hosts allocated public addresses by gateway

Scenario (new):
  Starlink terminal now advertises an IPv6 /64 prefix using RA
  allocate IPv6 from prefix (manually or automatically) to "WAN"
  use policy routing so replies go out on "WAN" when arriving on that interface

(this is to act as a back-up since the Wireguard tunnel will remain the primary routing)

/etc/systemd/networkd.conf:
[Network]
RouteTable=starlink:2

/etc/systemd/network/WAN.network:
# ... existing configuration# named tables must be added to /etc/systemd/networkd.conf as name:number pairs, space separated:
# [Network]
# RouteTable=starlink:2

[Address]
Address=2001:0DB8:1:1::dead:beef/64

[RoutingPolicyRule]
Table=starlink
From=2001:0DB8:1:1::/64
Priority=100

[Route]
# starlink terminal link-local address (gateway's should always use link-local address)
Gateway=fe80::1
# default route
# Gateway=::
GatewayOnLink=true
Table=starlink
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_0xEFEC37A429CD6080.asc
Type: application/pgp-keys
Size: 15139 bytes
Desc: OpenPGP public key
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20230901/661b890e/attachment-0001.key>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature
Type: application/pgp-signature
Size: 203 bytes
Desc: OpenPGP digital signature
URL: <https://lists.freedesktop.org/archives/systemd-devel/attachments/20230901/661b890e/attachment-0001.sig>

More information about the systemd-devel mailing list